Re: Security restrictions in signed applets

From: icanoop@xxxxxxxxx
Date: 27 Dec 2006 22:02:39 -0800

Andrew Thompson wrote:

Describe what it is specifically, that
'seems to be working fine'. Is the user
prompted to grant extra permissions?

When I load the applet in a web browser I get a security warning pop-up
window that says:

The applications digital signature has been verified. Do you want
to run the application?

The digital signature has been validated by a trusted source.

The choices presented are Run and Cancel. Then when I click More
Information... I see a list of messages. The one that seems to be
relevant is:

This application will be run without the security restrictions
normally provided by Java.

I of course choose Run. I think Cancel means run without the extra
permissions. I never see anything that specifically requests any
permissions though. I thought running without the normal security
restrictions implies that.

That agrees with my understanding, as well
(so long as the user agreed 'yes' when asked
to run the extended permissions applet), and there
is no browser, or plug-in setting that overrides the
end user's ability to extend privileges from an applet
(though I would hope to get some feedback from
whatever was interfering with the applet).

I have not changed any security policy files from my java installation
or done anything with policytool.

Have you tried ..
- refreshing the cache?

Yes, every time I load the applet.

- another browser?

Yes, IE 7.

...How can give my applet
extra permissions without forcing the user to edit the security policy
file?

Use web-start to launch it (is one way).

I would love to use web start but I need the application to run in a
browser window, not in a separate window.

I'm using the Sun Java Plugin 1.6.0 on Windows with Firefox 2.0.

What is the behaviour in IE?

Same as Firefox. They both are using the Java plugin from Java 1.6.0.

Ryan

.

Follow-Ups:
- Re: Security restrictions in signed applets
  - From: Andrew Thompson

References:
- Security restrictions in signed applets
  - From: icanoop
- Re: Security restrictions in signed applets
  - From: Andrew Thompson

Prev by Date: Creating new word document
Next by Date: Re: Security restrictions in signed applets
Previous by thread: Re: Security restrictions in signed applets
Next by thread: Re: Security restrictions in signed applets
Index(es):
- Date
- Thread

Relevant Pages

Re: Getting images in applet
... > permission block for reading the file when I load it in my browser (all the ... You may want to catch security exceptions in your applet, ... inform the user that they must change their security settings. ... Applet Runner applications which can only run 'local' files (yeah, ...
(comp.lang.java.programmer)
Re: problem with showDocument
... SimonSimon wrote: ... No other method is necessary for *your* browser. ... is almost certainly security, since your applet can ...
(comp.lang.java.programmer)
RE: What server hardening are you doing these days?
... permissions on their data, and Microsoft encourages ISVs to minimize ... I've been able to discuss ACLs and other security issues in Windows with ... Control or DAC (which is what you're referring to by the "stupid ...
(Focus-Microsoft)
Re: Windows Firewall Wont Stay On
... I have come up with a solution that does not disable Security Center, ... By changing the Permissions of that key, ... settings from being changed again. ... the firewall alert settings in Security Center get ...
(microsoft.public.windowsxp.help_and_support)
Re: get rid of security center?
... I have come up with a solution that does not disable Security Center, ... By changing the Permissions of that key, ... settings from being changed again. ... the firewall alert settings in Security Center get ...
(microsoft.public.windowsxp.help_and_support)